Add etcd-empty-dir-cleanup.yml cleanup inspired from kubernetes project

onfido · Oct 18, 2017 · 12db74b · 12db74b
1 parent a4b3c93
commit 12db74b
Show file tree

Hide file tree

Showing 5 changed files with 102 additions and 4 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,14 +1,24 @@
 FROM alpine:3.6
 
+ENV ETCD_VERSION 3.1.4
+ENV KUBE_VERSION 1.6.2
+
 RUN apk add --update bash curl docker \
     && rm -rf /var/cache/apk/*
 
 RUN cd /usr/local/bin \
-    && curl -O https://storage.googleapis.com/kubernetes-release/release/v1.6.2/bin/linux/amd64/kubectl \
+    && curl -O https://storage.googleapis.com/kubernetes-release/release/v${KUBE_VERSION}/bin/linux/amd64/kubectl \
     && chmod 755 /usr/local/bin/kubectl
 
-COPY docker-clean.sh k8s-clean.sh /bin/
-RUN chmod +x /bin/docker-clean.sh && chmod +x /bin/k8s-clean.sh
+RUN cd /tmp \
+    && curl -OL https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz \ 
+    && tar zxf etcd-v${ETCD_VERSION}-linux-amd64.tar.gz \
+    && cp etcd-v${ETCD_VERSION}-linux-amd64/etcdctl /usr/local/bin/etcdctl \
+    && rm -rf etcd-v${ETCD_VERSION}-linux-amd64* \
+    && chmod +x /usr/local/bin/etcdctl
+
+COPY docker-clean.sh k8s-clean.sh etcd-empty-dir-cleanup.sh /bin/
+RUN chmod +x /bin/docker-clean.sh /bin/k8s-clean.sh /bin/etcd-empty-dir-cleanup.sh
 
 ENV DOCKER_CLEAN_INTERVAL 1800
 ENV DAYS 7

diff --git a/README.md b/README.md
@@ -1,6 +1,9 @@
 ## k8s-cleanup
 
-Cleans up exited containers and dangling images/volumes running as a DaemonSet (`deploy-ds.yml`) and cleans up old replica sets and finished jobs as a CronJob (`deploy-cron.yml`).
+Here are 3 cleanups you can apply on your kubernetes cluster:
+* Cleans up exited containers and dangling images/volumes running as a DaemonSet (`deploy-ds.yml`).
+* Cleans up old replica sets and finished jobs as a CronJob (`deploy-cron.yml`).
+* Cleans up empty directory (not used anymore) in etcd as a CronJob (`etcd-empty-dir-cleanup.yml`).
 
 You must have `batch/v2alpha1` enabled on your k8s API server runtime config in order to run the CronJob.
 
@@ -12,6 +15,8 @@ In the CronJob (`deploy-cron.yml`) you can set `DAYS` to modify the maximum age
 ### Deployment
 
 ```
+kubectl --context CONTEXT -n kube-system apply -f rbac.yml
 kubectl --context CONTEXT -n kube-system apply -f deploy-ds.yml
 kubectl --context CONTEXT -n kube-system apply -f deploy-cron.yml
+kubectl --context CONTEXT -n kube-system apply -f etcd-empty-dir-cleanup.yml 
 ```
diff --git a/etcd-empty-dir-cleanup.sh b/etcd-empty-dir-cleanup.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+echo "Starting cleanup..."
+echo "Removing empty directories from etcd..."
+
+cleanup_empty_dirs () {
+  if [ "$(etcdctl ls $1)" ]; then
+    for SUBDIR in $(etcdctl ls -p $1 | grep "/$")
+    do
+      cleanup_empty_dirs ${SUBDIR}
+    done
+  else
+    echo "Removing empty key $1 ..."
+    etcdctl rmdir $1
+  fi
+}
+
+cleanup_empty_dirs "/registry"
+echo "Done with cleanup."
diff --git a/etcd-empty-dir-cleanup.yml b/etcd-empty-dir-cleanup.yml
@@ -0,0 +1,30 @@
+apiVersion: batch/v2alpha1
+kind: CronJob
+metadata:
+  name: etcd-empty-dir-cleanup
+  namespace: kube-system
+spec:
+  schedule: "0 2 * * *"
+  concurrencyPolicy: "Forbid"
+  jobTemplate:
+    spec:
+      template:
+        metadata:
+          name: etcd-empty-dir-cleanup
+        spec:
+          hostNetwork: true
+          nodeSelector:
+            kubernetes.io/role: master
+          tolerations:
+          - effect: NoSchedule
+            key: node-role.kubernetes.io/master
+          restartPolicy: OnFailure
+          serviceAccountName: k8s-cleanup
+          containers:
+          - name: k8s-cleanup
+            image: onfido/k8s-cleanup
+            command: ["/bin/bash", "/bin/etcd-empty-dir-cleanup.sh"]
+            resources:
+              requests:
+                cpu: 100m
+                memory: 50Mi
diff --git a/rbac.yml b/rbac.yml
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: k8s-cleanup
+  namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: k8s-cleanup
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: k8s-cleanup
+  namespace: kube-system